Personnel Security: Insider Threat Mitigation



Similar documents
P. O. Box 1520 Columbia, South Carolina Effective date of implementation: January 1, Domestic Violence

Select Agent Program Workshop November 16, Agricultural Select Agent Program (USDA/APHIS) CDC Select Agent Program (HHS/CDC)

A Survey of Tier 1 BSAT Personnel Suitability and Occupational Health Programs

NEW HAMPSHIRE. Downloaded January 2011 HE P NURSING HOME REQUIREMENTS FOR ORGANIZATIONAL CHANGES.

LEVEL I SCREENING Step 1: Make Sure All Students / Staff Are Safe

Mandatory Reporting of Child Sexual Abuse in Western Australia

Training Courses Catalog 2015

WORKPLACE VIOLENCE POLICY

Are you aware of any similar incidents in the past? If yes, provide details:

SAMPLE WORKPLACE VIOLENCE POLICY

Mandatory Review Date: January 15, 2018

Rensselaer County Workplace Violence Prevention Policy & Incident Reporting

Fraud, Waste and Abuse Training

Campus and Workplace Violence Prevention

Scope of Workplace Violence Program 2, 3. Types of Workplace Violence Events 4, 5. Preventative Measures 6, 7. Responding to Workplace Violence 8, 9

Departmental Policy for Handling of Domestic Violence Incidents Involving Law Enforcement Officers 1

Guidance on professional conduct. For nursing and midwifery students

Date Amendments/Actions Next Compulsory Review Date

Glasgow Kelvin College. Disciplinary Policy and Procedure

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

This procedure applies where formal disciplinary action is commenced on or after 11 December 2013

Disciplinary policy INTRODUCTION

Workplace Violence Prevention: A Multidisciplinary Approach

effects on youth Daniel J. Flannery PhD Dr. Semi J. and Ruth Begun Professor

Disciplinary Policy and Procedure

State University of New York at Potsdam. Workplace Violence Prevention Policy and Procedures

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

Disciplinary and Dismissals Policy

Practice Tool 2 Common risk assessment tool

THE CHILD ABUSE ASSESSMENT:

The guidance 2. Guidance on professional conduct for nursing and midwifery students. Your guide to practice

4218 SUBSTANCE ABUSE (M)

FITNESS TO PRACTICE STATEMENT

It s hard to know what to do when you know or suspect that a friend or family member is living with violence.

No employee, student, contractor or visitor shall in connection with any workrelated

A Guide to Apprehended Domestic Violence Orders (ADVO) and Apprehended Violence Orders (AVO) in New South Wales

Hope In-Home Care CODE OF CONDUCT AND ETHICS

College Policies and Procedures. Code of Student Conduct for South Essex College students in University of Essex Residential Accommodation

U.S. DoD Physical Security Market

DISCIPLINARY POLICY & PROCEDURE FOR SCHOOL BASED STAFF

College of DuPage Information Technology. Information Security Plan

Domestic Abuse, Stalking and Harassment and Honour Based Violence (DASH, 2009) Risk Identification and Assessment and Management Model

What Everyone Needs to Know About Elder Abuse 1 Rebecca C. Morgan Stetson University College of Law

How To Set Up A National Biological Laboratory Safety And Security Monitoring Program

FSPCOMP3 Assess and mitigate the compliance risks relevant to your organisation

Disciplinary Policy for Schools

Johnson Electric Group Code of Ethics and Business Conduct

One-to-One Technology Initiative Table of Contents

Cyber Crime ACC Crime

ANTI-FRAUD POLICY Adopted August 13, 2015

Crime in America

Little Stoke Primary School

Section VI Principles of Laboratory Biosecurity

VILLAGE OF RYE BROOK. Injury and Illness Prevention Program For Workplace Violence

POLICY NO. 449 IDENTITY THEFT PREVENTION POLICY

Fair Practice Code for Credit Card Operations

HMG Security Policy Framework

3 Level Behaviour Management System

Guidance on Lone Working in the Healthcare Sector

DISCIPLINARY PROCEDURE

This policy has been created using the WBC Model Policy Version December 2013.

Operating procedure. Managing customer contacts

Policy Rationale and Text

QUICK REFERENCE GUIDE. Workplace Violence. What You Need to Know to Protect Yourself and Your Employees

What Employers Need to Know to Help

Violence Prevention Policy published. Supercedes the Prevention and Management of Aggressive Behaviour Policy

Campus Violence Prevention An Integrated Approach to Threat Assessment and Case Management

WORKPLACE VIOLENCE PREVENTION. Definition. Definition Cont d. Health Care and Social Service Workers

Anti-bribery and Fraud Protection Policy

Discipline. Managing People. VOIP HR Direct Fife Council April DI02. P o l i c y a n d P r o c e d u r e. 1 Purpose and Scope

* Use tag F224 for deficiencies concerning mistreatment, neglect, or misappropriation of resident property.

INFORMATION SECURITY MANAGEMENT POLICY

Fraud, Waste & Abuse. Training Course for UHCG Employees

Supervisor s Guide for. Coaching & Corrective Action

How To Deal With An Allegation Of Sexual Abuse In A School

SEN15-P69b 24 June University Ordinances

IBN Financial Services, Inc. Identity Theft Prevention Program(ITPP) under the FTCFACTActRedFlagsRule

Fraud, Waste, and Abuse

RowanSOM STUDENT CODE OF CONDUCT

Threat Assessments to Manage Threatening Situations and Create Safer Schools

INFORMATION TECHNOLOGY Policy 8400 (Regulation 8400) Data Security

Helix Energy Solutions Group, Inc. Code of Business Conduct and Ethics

Transcription:

Personnel Security: Insider Threat Mitigation Ben Perman, PhD, RBP American Biological Safety Association 2013 Annual Meeting Kansas City, MO October 23, 2013

Is the Insider Threat real? There has never been a case of someone weaponizing bio material from inside the lab. I don t work with BSAT so the probability of someone stealing or intentionally misusing bio material/technology is extremely low. Everyone who works here is FBI cleared the gold standard and thus is suitable to work here. Our lab has a robust suitability process when hiring staff, so everyone here will always be a good guy. If someone was going to do something bad, we would know about it and someone would report it.

Threat Assessment Threats are posed by adversaries. Adversaries are people. People provide a series of clues to their current and future status as a threat through their behavior they do not just snap Threatening behaviors tend to escalate over time so early detection and mitigation is effective this is known as the targeted violence process Personnel Security practices are informed by knowledge about: how threats develop; and, how to detect threats during their development

Personnel Security Personal Security Programs empower employees to take responsibility for their own protection and become aware of the nature of potential threats that they may encounter. Pre-access Suitability establishes a behavioral baseline Personnel Reliability - ongoing assessment to identify if/when individual deviates from their behavioral baseline Training awareness is the pre-requisite for compliance Personal Security - protects individuals from unknowingly contributing to an insider threat by educating them in areas such as operation security, information security, and threat awareness Collectively works to identify, monitor, and counter insider threats

Pre-Access Suitability in Regulation 42 CFR 73.11(f)(1) [The security plan must] Describe procedures for conducting a pre-access suitability assessment of persons who will have access to a Tier 1 select agent or toxin; CDC Guidance for Suitability Assessments A combination of pre-access and on-going suitability practices, in conjunction with comprehensive and consistent review mechanisms, determining the reliability of personnel for access to Tier 1 BSAT, and allowing individuals to report risks and threats to safety and security concerning Tier 1 BSAT to entity leadership.

Pre-Access Suitability FBI Security Risk Assessment Not a background investigation Does not determine if an employee is suitable to access BSAT Applicant/employee Information Criminal history Home address history Work history Contact information (professional / peer) Visa/residency status Information obtained from records Criminal records Civil orders Driving records Education records Professional licenses/certification Interviews Applicant / employee Professional and peer references (seek secondary contacts) Employ tactical interview procedures (e.g. structured, open-ended questions)

Personnel Reliability in Regulation 42 CFR 73.11(f)(3) [The security plan must] Describe procedures for the ongoing assessment of the suitability of personnel with access to a Tier 1 select agent of toxin. The procedures must include: (i) Self- and peer-reporting of incidents or conditions that could affect an individual s ability to safely have access to or work with select agents and toxins, or to safeguard select agents and toxins from theft, loss, or release. (ii) The training of employees with access to Tier 1 select agents and toxins on entity policies and procedures for reporting, evaluation, and corrective actions concerning the assessment of personnel suitability; and (iii) The ongoing suitability monitoring of individuals with access to Tier 1 select agents and toxins.

Examples of Concerning Behaviors Sending inappropriate emails, texts, mail or other written/verbal communication Unjustified anger, aggression Inappropriate conduct toward colleagues Sabotaging colleagues research Physical violence (to objects or persons) Acts of vandalism or property damage Unexplained absences Deception Laboratory work that does not correspond to official project Working in off-hours without justification or documentation Security breaches, accessing computer/email passwords, stealing laboratory notebooks or reagents Violent or suicidal ideation Violent or suicidal planning Violent or suicidal preparation False report - applications or other formal institutional documents Unlawfully carrying weapons Cruelty to animals Stalking, obsessional relationship Significant change in appearance Significant work/life change Alcohol / drug abuse Undue focus on grievance

Personnel Reliability Reliability: The maintenance of suitable characteristics for continued access to valuable biological materials. trust. Reliability Scope Changes in employee performance Behaviors that might indicate changes in the behavioral baseline established in the initial suitability phase Behaviors of concern Incidents Work-life issues and incidents Whole person paradigm Reliability Process Periodic reassessment of suitability Peer and self-reporting

Failure to Report Poor training didn t know which behaviors were serious enough to report; didn t understand the value of reporting incidents Poor leadership fear of reprisal or lack of confidence in organization and policies Diffusion of responsibility thought others would report it Familiarity breeds contempt had become desensitized to behaviors

Threat Assessment Task Force Interdisciplinary Membership Laboratory Management (PI, RO, BSO) Personnel Administration (HR, EAP, Ombudsman) Security and Law Enforcement Occupational Health and Wellness Threat Assessment Professional Threat Assessment Process Staff won t comply with reporting if they don t feel protected. Deters intentional false reporting if staff know review process will occur every time Consistent follow-through will establish a culture trust in the system for all employees (both reporter and reported)

Personnel Security Training Personnel Reliability Peer and Sell Reporting Process Ways to report self/peer concerns and who to report to Reporting process/rules Behaviors of concern Mandatory incident reporting False report warning Reprisal protection whistleblower Personal Security Operational security Information security includes cyber security Elicitation and manipulation awareness Counter-surveillance awareness Local threat updates Threat history Threat presence and direct threats Indirect threats police activity

Leadership Training Additional Training for Managers Receiving and processing reports Trust, preventing false report and retribution Referral of reports to Threat Assessment Team Tactical interview techniques Termination and suspension of access Additional Training for Threat Assessment Task Force The institutional threat assessment process Local threat updates Best practice: Conduct tabletop exercise using a couple recent or hypothetical case studies that exercise institutional Personnel Security policies

Conclusions Threats are people The focus of security should be on people Personnel Security Violence is a process Threats exhibit behavioral indicators that can be used as the primary data in a threat assessment The brilliant internal guardian the most valuable tool, peer & self reporting. must be protected from: Failure to report False report Reprisal Personnel Security - is the comprehensive framework to monitor behaviors, detect indicators and refer threat cases to an interdisciplinary threat assessment team.

Resources Report of the Virginia Tech Review Panel. (2007). http://www.governor.virginia.gov/tempcontent/techpanelreport.cfm Report of the Expert Behavioral Analysis Panel [redacted] (2011). http://www.dcd.uscourts.gov/dcd/sites/dcd/files/unsealeddoc031011.pdf Hunters And Howlers: Threats And Violence Against Judicial Officials In The U.S., 1789-1993. Frederick Calhoun (1998) Evaluating Risk for Targeted Violence in Schools: Comparing Risk Assessment, Threat Assessment, and Other Approaches. Reddy et al. (2001). http://www.threatresources.com/downloads/evaluating_risk_schools.pdf U.S. Secret Service, National Threat Assessment Center http://www.secretservice.gov/ntac.shtml University of Nebraska, Targeted Violence Research Team http://psych.unl.edu/forensic/threat_assessment_research2.htmlplacehold er centers of excellence

Acknowledgments Booz Allen Hamilton, Inc. Molly Rickard Michael Majewski, Ph.D. Jason Griffeth Tricia Delarosa, Ph.D., CBSP, RBP Lindsay Odell, Ph.D. AtRisk International, LLC Chuck Tobin James Dornak Daniel Apple

Mandatory Reportable Information Circumstances that may affect SRA status of an individual Circumstances that may affect the ability of an individual to perform their job in a safe and secure manner Significant changes in behavior, attitudes, demeanor, or actions of an individual Stated or implied threats to colleagues, institutions, the security of Tier 1 BSAT, the well-being of laboratory animals, or the general public Any information that causes an individual to have concerns about their own ability to perform their job safely and securely Any circumstances that appear suspicious such as requests for security or laboratory information without justification, attempts at unauthorized access for friends or colleagues, and unauthorized work alone in a facility at off-hours

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information